Download the session slides

Ever wonder about threat actors impersonating each other to obscure their intetions or to shift blame to met a political agenda? If so, in this talk we will be walking through a technical analysis of Bitter APT’s ZxxZ backdoor, its attack chain and capabilities. Once we understand Bitter APT’s malware, there will be a demonstration of delivering our own payloads to infected targets using their malware with our own C2 server. To conclude, we will discuss both technical and non-technical points to be aware of when performing attribution.

Your Speaker
I started my career after I hit rock bottom being a single mom who moved back to live with my parents. This was after dropping out of computer science in university, my professors told me I would not be good enough to get a job in computers. I had lost all passion for what I loved and hoped for the future. I worked with my case worker (social assistance program) and they helped me gain the confidence to try computers again. I was able to tech myself programming and other computer science concepts on my own time (online courses). With this, I was able to regain my confidence regarding computers. I then became really interested in offensive security and applied to work at a cyber security company. I started as an entry-level analyst and worked my way up to starting my own threat research and detection department. I taught myself how to reverse engineer malware from scratch along the way and have not looked back since. If I can train an English teacher to reverse engineer malware, I have the confidence I can train anyone to get the task done. If you are looking for someone to lead your threat research and detection team who has done each job on the way up to the top, I might be the one you are looking for. Since then, I’ve presented research all across North America, appeared on TV as an expert twice and have not looked back. I love reverse engineering, malware analysis, detecting threat actors, the thrill of the hunt, mentoring other women who want to get into cyber security and most importantly, my family and the wonderful people on my team who have grown so much in their careers.